FirewallD is DBUS-enabled firewall software for Linux, which works on top of the in-kernel iptables firewall. It was created by Red Hat, but it is available on many Linux distributions, including in Gentoo as net-firewall/firewalld.
From the project homepage:
- Firewalld provides a dynamically managed firewall with support for network/firewall zones that define the trust level of network connections or interfaces. It has support for IPv4, IPv6 firewall settings, ethernet bridges and IP sets. There is a separation of runtime and permanent configuration options. It also provides an interface for services or applications to add firewall rules directly.
Its documentation is available on the project website in HTML format.
USE flags for net-firewall/firewalld A firewall daemon with D-Bus interface providing a dynamic firewall
||Enable support for a graphical user interface|
||Add support for net-firewall/iptables as firewall backend|
||Add support for net-firewall/nftables as firewall backend|
||Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently)|
Configuration may be modified with firewall-cmd; changes will remain in effect until the service is restarted. To persist changes, either:
- Run after firewalld is in the desired state
- Include the --permanent flag with a given command. Running will be required for the changes with --permanent to take effect.
- Iptables — a program used to configure and manage the kernel's netfilter modules.
- ufw — the uncomplicated firewall